| Monday December 22nd 2014

‘security’ Archives

Blu-ray falls: HDCP key crack confirmed

Intel has confirmed that the rumored master key crack for HDCP (the high-definition video "copy protection" used in Blu-Ray, high def consoles, and many game consoles) is real. Blu-Ray and other systems that rely on HDCP are now terminally compromised. As a practical matter, the most likely scenario for a hacker would be to create a computer chip [...]

Adobe issues security advisory for Flash Player, plans fix “during the week of September 27”

Adobe has issued a security advisory for "Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android, which also affects Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh." The vulnerability can [...]

HDCP master-key leaks, possible to make unrestricted Blu-ray recorders

Engadget reports that the master key that controls HDCP, the anti-copying system used to restrict the outputs of Blu-Ray boxes, set-top boxes, and many game systems, has been compromised and published. With these keys, knowledgeable users can make their own "source" and "sink" keys for devices that permit copying at full resolution -- which [...]

PS3 Jailbreak Released

HOWTO: Block brute force attacks on your SSH server

You have probably seen very simple iptables rules to do this. This is a little bit better.

-A INPUT -i eth0 -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name SSH --rsource
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -m recent --rcheck --seconds 30 --hitcount 4 --rttl --name SSH --rsource -j REJECT --reject-with tcp-reset
-A [...]

Cars hacked through wireless tire sensors

The tire pressure monitors built into modern cars have been shown to be insecure by researchers from Rutgers University and the University of South Carolina. The wireless sensors, compulsory in new automobiles in the US since 2008, can be used to track vehicles or feed bad data to the electronic control units (ECU), causing them to [...]

Former SF City sysadmin gets 4 year sentence for refusing to hand over passwords

45-year-old Terry Childs, a former sysadmin for the city of San Francisco, was sentenced Friday to four years in prison for refusing to hand over administrative passwords to the city's FiberWAN network back in July 2008. A judge convicted Childs in April of violating state hacking laws. Although the city's network continued to run during the [...]

Wikileaks posts “Insurance” file to website

I thought this stuff only happened in bad movies. The huge file, posted on the Afghan War page at the WikiLeaks site, is 1.4 GB and is encrypted with AES256. The file’s size dwarfs the size of all the other files on the page combined. The file has also been posted on a torrent download site as well. It’s not known what the file contains [...]

Facebook typo squatting

A domain registered in a tiny town in Georgia is presenting fumble-fingered Facebook fans with a few fun-filled hours of diversion: (more…)

Faux femme fatale finds flaws in social networking security

Security researcher Thomas Ryan wanted to demonstrate the vulnerability of social networks, so he created a fictional analyst alter-ego named "Robin Sage." She was a hot 25-year-old with an MIT degree, a résumé that included a job at the Naval Network Warfare Command, and "over 10 years" of hacking experience (she started at age 14.) She [...]

Personal info of thousands of Israelis stolen by Turkish hackers

According to reports in local media, the email addresses, passwords and personal information of over 100,000 Israelis are being shared on Turkish hacking forums. Apparently, they were lifted from compromised websites in the aftermath of the Gaza flotilla raid earlier this year. The data breach was originally reported last Friday by an Israeli [...]

4chan has field day with YouTube injection flaw

Eager YouTube fans were greeted with annoying pop-ups, disabled comments, and even porn redirects over Independence Day weekend as they tried to scope out their favorite videos. A group of malicious pranksters (believed to be from 4chan) was able to take advantage of a cross-site scripting vulnerability in YouTube's comments Sunday, breaking [...]

AT&T security breach exposed 114k Apple iPad users

If you own a cellular Apple iPad, an AT&T web address has exposed your personal info to anyone wily enough to ping it, reports Ryan Tate at Gawker. Your email address, and a tracking ID unique to your SIM card, were open to any who may have discovered the hole before it was closed. According to the data we were given by the web security group [...]

Commercially available ATM skimmers

Brian Krebs continues his excellent series of posts on ATM skimmers, this time with a report on the state of the art in commercially available artisan-crafted skimmers that can be bought through the criminal underground... Generally, these custom-made devices are not cheap, and you won't find images of them plastered all over the Web. Take [...]

Facebook search hax!

The admins at Facebook are concerned with your personal information: weekend call me sex delete sad facebook party slut new pics

Typhoid adware hijacks LAN, inserts ads into uninfected computers’ browsers

Security researchers at the University of Calgary have identified a new malware they call "Typhoid." Typhoid impersonates the wireless router on your local network, effecting a man-in-the-middle attack that allows it to insert ads into the browsing sessions of all the other, uninfected users on the LAN. Typically, adware authors install their [...]

Phishing as a day-job

A single person in Nigeria is responsible for creating 1,100 phishing sites, as reported by Phishlabs after a clever experiment that allowed them to monitor the use of phishing tool-kits in the wild. The fraudster set up two to three phishing sites a week. Meanwhile, the Anti-Phishing Working Group attributes two thirds of phishing attacks to a [...]

A botnet with 6 to 12 million computers, employing the world’s most sophisticated encryption and peer-to-peer communication lies waiting, but for what?

My guess? They're gearing up for the biggest anti-Caltech prank in MIT's history. When the Conficker computer "worm" was unleashed on the world in November 2008, cyber-security experts didn’t know what to make of it. It infiltrated millions of computers around the globe. It constantly checks in with its unknown creators. It uses an encryption [...]

Facebook Rolls Out New Login Security Features

Facebook is now one of the most popular targets for phishers, hackers and scammers. According to the Associated Press, however, Facebook is in the process of rolling out some new security features that will protect its users from malicious attacks, spam and phishing scams. For a while now, Facebook already offered users the ability to be notified [...]

Meganet’s Dominator I snoops on four GSM convos at once… and fits in your overnight bag

"Dominator I" sounds more like a monster truck than a collection of small boxes that collectively erase 20 years of relatively secure wireless phone service, doesn't it? Alas, what you're looking at here is a convenient, plug-and-play solution for exploiting the hard work the world's hacking community has put into cracking the A5/1 encryption used [...]
